<?php

require_once '../config/config.php';
require_once '../config/common.php';
//$user = checksession();
$password = md5($_REQUEST['password']);
$newpassword = $_REQUEST['newpassword'];
$renewpassword = $_REQUEST['renewpassword'];
if ($newpassword != $renewpassword) {
    exit('<script>alert("两次输入的密码不一致，请重新输入");window.location="password.html"</script>');
}
$conn = new mysqli(HOST, USER, PASSWORD, DATABASE);
if ($conn->connect_errno) {
    die('数据库连接失败：' . $conn->connect_error);
}
$stmt = $conn->prepare('select password from user_list where id=1');
$stmt->execute();
$stmt->bind_result($oldpassword);
$stmt->fetch();
if ($password != $oldpassword) {
    exit('<script>alert("输入的密码不正确，请重新输入");window.location="password.html"</script>');
}
$stmt->free_result();
$stmt = $conn->prepare('update user_list set password=? where id=1');
$stmt->bind_param('s', md5($newpassword));
$stmt->execute();
if ($stmt->affected_rows==1) {
    echo '<script>alert("修改成功，点击返回");window.location="password.html"</script>';
} else {
  echo  '<script>alert("修改失败");window.location="password.html"</script>';
}
$stmt->free_result();
$stmt->close();
